[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v6 7/8] vpci/msi: Free MSI resources when init_msi() fails

  • To: Jan Beulich <jbeulich@xxxxxxxx>
  • From: "Chen, Jiqian" <Jiqian.Chen@xxxxxxx>
  • Date: Wed, 25 Jun 2025 09:47:33 +0000
  • Accept-language: en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=CprJL6e30ubqpLtgzxrXcJF5KCl+aapxkW/fPW/kgtg=; b=MVhqiNjyM7F/TQEz0RPoDmgjG925F5wRPzhV/BQK4Um7CXm5C2zgBtey3Kl1vzi58My6aaHBx5g/lAxh9TJ1+bBiSi6j+uNhZQRR6tlZ0WeNRx2vwfRJnu2kyvwrvt2Ks9aIept/1SEsHi3v8i84ULesR/Tyf3Kkh87uCVXZOr8PqCUrHn6rjY44ERmnUU5UyhJJe34MzjWAeks9iDF0K8iKyH2FnLhbB8Bmd0YpKc4WxaMsb9loP+i3SZdCEyf0aYXSV9TLjGcRlDTEZ6w8Rg3VqLRGORhKAbaggmpjXYd7yzJ1rQEAR5u5k4bYdRAx1TR36PYyMUAl+I6Gg0elrw==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=qG1u5Dm0/BbUuBMzfotPeTpl0+fjZ17OsmcTIHW9HvC/tb53nD4qU0z4TAbdlSJavjOiPtIrZVhjh3+DRdKPYmVTGlmBWwMGTuMdH3T0wo95iPWRSaXEnRL8OJ7X8jTtMMPQNc6ceqFMy3L5u2CVcwq5PvOGFbDdOZoyi1V07WYK0qXG+FogcNegXnjhG0i8eN6kTX9mjtdceDGp8JmIUjmOvwTP9MFye3nHfk7Qzrjx4/HF2AxGTfCNnZ0ajGTbIoh0e/RLkeKI/Iiuz6hjZy81/PPoeFqX29Rqx9GgJhTLFJKqCxJ/jOB6TeVDm2eQcORkJMTPIoW5wMWkxL5eQQ==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=amd.com;
  • Cc: Roger Pau Monné <roger.pau@xxxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, "Huang, Ray" <Ray.Huang@xxxxxxx>, "Chen, Jiqian" <Jiqian.Chen@xxxxxxx>
  • Delivery-date: Wed, 25 Jun 2025 09:47:56 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Thread-index: AQHb23yeMT8YFCMR3kaLDqQP1+DTK7QJCD4AgAme+gD//4QlAIAB4iSA//+e0YCAAIz0gA==
  • Thread-topic: [PATCH v6 7/8] vpci/msi: Free MSI resources when init_msi() fails
On 2025/6/25 17:15, Jan Beulich wrote:
> On 25.06.2025 09:16, Chen, Jiqian wrote:
>> On 2025/6/24 18:17, Jan Beulich wrote:
>>> On 24.06.2025 11:49, Chen, Jiqian wrote:
>>>> On 2025/6/18 22:45, Jan Beulich wrote:
>>>>> On 12.06.2025 11:29, Jiqian Chen wrote:
>>>>>> --- a/xen/drivers/vpci/msi.c
>>>>>> +++ b/xen/drivers/vpci/msi.c
>>>>>> @@ -193,6 +193,33 @@ static void cf_check mask_write(
>>>>>>      msi->mask = val;
>>>>>>  }
>>>>>>  
>>>>>> +static int cf_check cleanup_msi(struct pci_dev *pdev)
>>>>>> +{
>>>>>> +    int rc;
>>>>>> +    unsigned int end, size;
>>>>>> +    struct vpci *vpci = pdev->vpci;
>>>>>> +    const unsigned int msi_pos = pdev->msi_pos;
>>>>>> +    const unsigned int ctrl = msi_control_reg(msi_pos);
>>>>>> +
>>>>>> +    if ( !msi_pos || !vpci->msi )
>>>>>> +        return 0;
>>>>>> +
>>>>>> +    if ( vpci->msi->masking )
>>>>>> +        end = msi_pending_bits_reg(msi_pos, vpci->msi->address64);
>>>>>> +    else
>>>>>> +        end = msi_mask_bits_reg(msi_pos, vpci->msi->address64) - 2;
>>>>>> +
>>>>>> +    size = end - ctrl;
>>>>>> +
>>>>>> +    rc = vpci_remove_registers(vpci, ctrl, size);
>>>>>> +    if ( rc )
>>>>>> +        return rc;
>>>>>
>>>>> This is a difficult one: It's not a good idea to simply return here, yet
>>>>> at the same time the handling of the register we're unable to remove may
>>>>> still require e.g. ...
>>>>>
>>>>>> +    XFREE(vpci->msi);
>>>>>
>>>>> ... this. There may therefore be more work required, such that in the
>>>>> end we're able to ...
>>>>>
>>>>>> +    return vpci_add_register(pdev->vpci, vpci_hw_read16, NULL, ctrl, 2, 
>>>>>> NULL);
>>>>>
>>>>> ... try this at least on a best effort basis.
>>>>>
>>>>> More generally: I don't think failure here (or in other .cleanup hook
>>>>> functions) may go entirely silently.
>>>> Does below meet your modification expectations?
>>>
>>> Not sure, sorry. By "more" I really meant "more" (which may just be code
>>> auditing, results of which would need writing down, but which may also
>>> involve further code changes; see below).
>>>
>>>>     rc = vpci_remove_registers(vpci, ctrl, size);
>>>>     if ( rc )
>>>>         printk(XENLOG_ERR "%pd %pp: remove msi handlers fail rc=%d\n",
>>>>                pdev->domain, &pdev->sbdf, rc);
>>>>
>>>>     XFREE(vpci->msi);
>>>
>>> As I tried to indicate in my earlier reply, the freeing of this struct is
>>> safe only if the failure above would not leave any register handlers in
>>> place which still (without appropriate checking) use this struct.
>> Hmm, but all handlers added in init_msi() use this struct.
>> So it doesn't exist the case that when above unable to remove all handlers 
>> and still require xfree this struct.
> 
> Well, in the end you say in different words what I did say, if I understand
> correctly. There are several options how to deal with that. One might be to
> have those handlers recognize the lack of that pointer, and behave like ...
> 
>>>>     /*
>>>>      * The driver may not traverse the capability list and think device
>>>>      * supports MSI by default. So here let the control register of MSI
>>>>      * be Read-Only is to ensure MSI disabled.
>>>>      */
>>>>     rc = vpci_add_register(vpci, vpci_hw_read16, NULL, ctrl, 2, NULL);
> 
> ... what is tried to be put in place here (and like "no handler installed"
> for other registers).
According to your suggest. What I can think of is when vpci_remove_registers() 
fails,
then lookup the MSI related handlers,
and set the read/write hook to be vpci_ignored_read()/vpci_ignored_write(),
and set the private data to be NULL.
Is it acceptable?

> 
>>> You're losing the earlier error here, if there was one. If this one
>>> succeeds, ...
>> But if return the earlier error to the caller, this device will be unusable, 
>> then still adding this handler when above failing to remove handlers is 
>> useless.
> 
> True, yet that's the case also with your code if removing the ctrl handler
> failed, as then the attempt above to add another handler would also fail.
> 
> I don't know what the best approach is (I did suggest one above, albeit
> that's not quite complete yet as to the behavior here); I merely observed
> that the behavior as you have it doesn't look quite right / consistent.
> 
> Jan
> 
>>>>     if ( rc )
>>>>         printk(XENLOG_ERR "%pd %pp: add dummy msi ctrl handler fail 
>>>> rc=%d\n",
>>>>                pdev->domain, &pdev->sbdf, rc);
>>>>
>>>>     return rc;
>>>
>>> ... the caller would (wrongly) get success back.
>>>
>>> Jan
>>
> 

-- 
Best regards,
Jiqian Chen.

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.